A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue.
CVE-2026-42535 is a critical path handling vulnerability in Apache's mod_dav_fs module affecting versions 2.4.67 and earlier. This flaw allows WebDAV content authors to bypass access controls and directly manipulate trusted DAV property databases—metadata structures that Apache relies on for file handling and permission enforcement. When exploited, attackers can corrupt these databases, triggering child process crashes and potentially denying service to legitimate users. Organizations running Apache with WebDAV functionality enabled, particularly those using it for collaborative content management or file sharing, face immediate risk. The CVSS score of 9.1 reflects the severity: an authenticated attacker with content authoring privileges can cause significant operational disruption without requiring privilege escalation.
While CVE-2026-42535 doesn't map to specific MITRE ATT&CK techniques in its current classification, Casky.ai's extended reasoning capabilities would detect the underlying attack patterns within the vulnerability class. Practitioners should monitor for suspicious file system access attempts targeting DAV metadata directories (typically .htaccess or property storage locations), unusual process termination patterns in Apache child processes, and anomalous WebDAV PUT/MKCOL requests with malformed path parameters. Although Casky currently shows zero matching skills for this CVE, the platform's continuous skill mapping against CWE-668 (Exposure of Resource to Wrong Sphere) would flag similar path traversal and metadata manipulation attempts across your environment. Security teams should prioritize patching to 2.4.68 immediately and audit WebDAV access logs for any suspicious authoring activity preceding this advisory.
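An added example, not part of the advisory or of Casky's tooling: a log audit along the lines described above, flagging WebDAV write requests whose decoded path names a metadata location and pairing them with Apache child-crash notices that follow within a few seconds. The sample lines are constructed; the `.DAV` state-directory name, the methods beyond PUT/MKCOL, the 5-second window and a shared time zone between the two logs are assumptions.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import unquote

# Constructed sample log lines (not taken from a real incident).
ACCESS = [
    '198.51.100.7 - alice [10/May/2026:13:55:36 +0000] "PUT /dav/docs/report.txt HTTP/1.1" 201 -',
    '198.51.100.9 - bob [10/May/2026:13:55:40 +0000] "PUT /dav/docs/%2EDAV/placeholder HTTP/1.1" 204 -',
    '198.51.100.9 - bob [10/May/2026:13:55:50 +0000] "GET /dav/docs/.DAV/ HTTP/1.1" 404 196',
]
ERROR = [
    '[Sun May 10 13:55:41.500000 2026] [core:notice] [pid 900] AH00052: child pid 4321 exit signal Segmentation fault (11)',
    '[Sun May 10 13:56:00.000000 2026] [mpm_event:notice] [pid 900] AH00489: Apache/2.4.67 configured -- resuming normal operations',
]

WRITE_METHODS = {"PUT", "MKCOL", "PROPPATCH", "MOVE", "COPY"}
# Assumption: ".dav" is the mod_dav_fs state directory; ".htaccess" is named on this page.
MARKERS = {".dav", ".htaccess"}
ACCESS_RE = re.compile(r'(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')
CRASH_RE = re.compile(r'\[([^\]]+)\].*AH00052: child pid (\d+) exit signal')

def suspicious_writes(lines):
    """Return (time, user, method, decoded_path, status) for flagged write requests."""
    hits = []
    for line in lines:
        m = ACCESS_RE.match(line)
        if not m or m.group(4) not in WRITE_METHODS:
            continue
        _, user, ts, method, target, status = m.groups()
        # Decode twice so single and double percent-encoding are both normalised.
        path = unquote(unquote(target.split("?", 1)[0]))
        if {seg.lower() for seg in path.split("/")} & MARKERS:
            when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z").replace(tzinfo=None)
            hits.append((when, user, method, path, int(status)))
    return hits

def child_crashes(lines):
    """Return (time, pid) for each 'child pid N exit signal' notice."""
    found = (CRASH_RE.match(line) for line in lines)
    return [(datetime.strptime(m.group(1), "%a %b %d %H:%M:%S.%f %Y"), int(m.group(2)))
            for m in found if m]

def correlate(writes, crashes, window=timedelta(seconds=5)):
    """Pair each flagged write with crashes that follow it inside the window."""
    return [(w, c) for w in writes for c in crashes
            if timedelta(0) <= c[0] - w[0] <= window]
```

A flagged write with no matching crash is still worth reviewing, since the crash notice is only one possible symptom.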
© 2026 Casky.AI, Inc. · AI Security Investigation